[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <e9d9d4020711041242t41b30175w26275852471e0fb1@mail.gmail.com>
Date: Sun, 4 Nov 2007 14:42:25 -0600
From: reepex <reepex@...il.com>
To: nexus@...yhack.net, full-disclosure@...ts.grok.org.uk
Subject: Re: on xss and its technical merit
you see you are arguing how useful xss can be for an attacker, but the point
of this argument is
1) how hard is it find xss in applications
2) how hard it is to successfully exploit the vulnerability
compared to other vulnerabilities xss is way down on the scale
i also believe this is what pdp wanted to argue as he believes xss is on the
same scale as other bugs following 1 and 2
On Nov 4, 2007 2:28 PM, <nexus@...yhack.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> reepex wrote:
> > 1) XSS isnt techincal no matter how its used
> I totally disagree with you.. isn't technical for those who cannot
> realize how much powerful can be a xss, especially if persistent.
>
> > 2) people who use xss on pentests/real hacking/anything but phishing are
> > lame and only use it because they cannot write real exploits (non-web)
> or
> > couldnt find any other web bugs (sql injection, cmd exec,file include,
> > whatever)
> Imho the pentesting will move day by day closer to web applications
> flaws testing, since the web applications are self written by webmasters
> and more exposed to possible bugs. Concerning sql inj or rfi are not
> more difficult to be discovered..
>
> > 3) XSS does not have a place on this list or any other security list and
> i
> > remember when the idea of making a seperate bugtraq for xss was proposed
> and
> > i still think it should be done.
> Dunno about that, even if i agree that all the xss flaws found should
> not be reported here, they would be too much.
>
> > 4) if you go into a pentest/audit and all you get out is xss then its a
> > failed pentest and the customer should get a refund.
> I don't agree with this too for the same reasons as before.
>
> > 5) publishing xss shows your weakness and that you dont have the ability
> to
> > find actual bugs ( b/c xss isnt a vuln its crap )
> Imho a xss is a vuln as much as the others, since if used smartly could
> get quite dangerous.
>
> Reading a report from zone-h i read that the most effective hacking
> cause it's the xss.. i don't know if i shall agree with this, but
> obviously it should make us think about it.
>
> bye
>
> /nexus
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (GNU/Linux)
>
> iD8DBQFHLitaVVYXVqV+ctMRAkcEAKCLXroIu80OemE/m/voaN4iczrJigCfTH3Q
> EJOb41+Eex4lFNy1AHJ9xhE=
> =ICJh
> -----END PGP SIGNATURE-----
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists